Tweaks for SITE_URL setup (#6602)

inventree · Feb 28, 2024 · bf97804 · bf97804
1 parent b192c44
commit bf97804
Showing 1 changed file with 5 additions and 2 deletions.
diff --git a/InvenTree/InvenTree/settings.py b/InvenTree/InvenTree/settings.py
@@ -994,6 +994,9 @@
     typecast=list,
 )
 
+if SITE_URL and SITE_URL not in ALLOWED_HOSTS:
+    ALLOWED_HOSTS.append(SITE_URL)
+
 # List of trusted origins for unsafe requests
 # Ref: https://docs.djangoproject.com/en/4.2/ref/settings/#csrf-trusted-origins
 CSRF_TRUSTED_ORIGINS = get_setting(
@@ -1004,7 +1007,7 @@
 )
 
 # If a list of trusted is not specified, but a site URL has been specified, use that
-if SITE_URL and len(CSRF_TRUSTED_ORIGINS) == 0:
+if SITE_URL and SITE_URL not in CSRF_TRUSTED_ORIGINS:
     CSRF_TRUSTED_ORIGINS.append(SITE_URL)
 
 USE_X_FORWARDED_HOST = get_boolean_setting(
@@ -1045,7 +1048,7 @@
 )
 
 # If no CORS origins are specified, but a site URL has been specified, use that
-if SITE_URL and len(CORS_ALLOWED_ORIGINS) == 0:
+if SITE_URL and SITE_URL not in CORS_ALLOWED_ORIGINS:
     CORS_ALLOWED_ORIGINS.append(SITE_URL)
 
 for app in SOCIAL_BACKENDS: